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DETAILED ACTION 
Continued Examination Under 37 CFR 1.114 
A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1.17(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.114. Applicant's submission filed on 1 1/21/05 has been entered. 

Claim Rejections - 35 USC § 103 

Claim 1-7 and 10-16 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Bowman-Amuah (6,405,364 Bl) in view of Alsberg (4,672,572). 

In reference to claim 7, Bowman-Amuah discloses a system and method for building 
systems in a development architecture framework wherein security is integrated into the solution 
(abstract and fig. 2), the steps of the method comprising: identifying the security threats to the 
solution (column 18 lines 30-36); determining the security properties of the overall solution 
(column 49 line 66 to column 50 lines 53), Bowman-Amuah lists the properties provided by the 
components of the overall security solution; assigning selected security properties for the overall 
solution to components of the solution (column 124 lines 33-35), since the system requires 
security through out the system and therefore security properties need to be embedded in 
components of the solution; enumerating security requirements for infrastructure, components 
and operations (column 50 line 54 to column 51 lines 14); developing integrity requirements 
(column 18 lines 32-36). 
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Although Bowman-Amuah does not disclose creating a functional technology diagram, 
Bowman- Amuah does disclose documenting the process (column 17 lines 64-67), which 
performs the function of the functional technology diagram. 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use the functional technology diagrams. One of ordinary fski 11 in the art would 
have been motivated to do this because functional requirement diagrams capture the intended 
behavior of the system as shown in the documentation of the process that indicates the intended 
behavior; information that can later be used for testing. 

Bowman-Amuah does not expressly disclose the security subsystem that includes an 
audit subsystem, an integrity subsystem, and an information flow control subsystem. 

Alsberg discloses a protector device for enhancing security (abstract). The system 
includes an audit subsystem (column 6 lines 33-65), an integrity subsystem (column 7 lines 1- 
10), and an information flow control subsystem (column 8 lines 13-63). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to include audit subsystem, integrity subsystems, and information flow control 
subsystems as in Alsberg in the system of Bowman-Amuah. One of ordinary skill in the art 
would have been motivated to do this because auditing potentially sensitive material, integrity 
subsystems, and controlling the information flow would increase the security of the system. 

Bowman-Amuah discloses a system and method for building systems in a development 
architecture framework wherein security is integrated into the solution; however the security 
framework of Bowman-Amuah does not disclose using a baseline of a security model 
comprising a plurality of interrelated and interdependent security subsystems. 
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Perona discloses a system that performs rule checks in a two-way manner, restrictions 
such as licensing and source restrictions may be placed not only on system modules, but also on 
the applications using the security to be achieved (abstract). Therefore the modules of Perona 

include security properties in terms of a plurality of interconnected and interdependent security 

i 

subsystems (column 4 lines 20-58 in combination of column Fig. 5). 

% 

At the time the invention was made, it would have been obvious to a person of ordinary 

-4 

skill in the art to create a plurality of interconnected and interdependent security subsystems as in 
Perona in the system of Bowman- Amuah. One of ordinary skill in the art would have been 
motivated to do this because it would enable higher levels of security. 

In reference to claim I, Bowman- Amuah discloses a system and method for building 
systems in a development architecture framework wherein security is integrated into the solution 
(abstract and fig. 2). The system for analyzing a solution including a plurality of components 
comprising: a first system, which identifies the security threats for the solution (column 18 lines 
30-36); a second system, which determines the security properties and functions of the overall 
solution (column49 line 66 to column 50 line 53); a third system which is coupled to the second 
system and which allocates security properties to the components of the solution based upon the 
selected functions which are derived from the nature and number of the security subsystems 
within the solution (column 51 lines 1-25); a fourth system which is coupled to the third system 
for allocating the security properties to the components of the solution and which identifies 
functional requirements for the components, in terms of the Common Criteria, in order to comply 
with the security properties of the component allocated by the third system (column 124 lines 33- 
35); 
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Bowman-Amuah does not expressly disclose the system documenting the requirements 
for the security component, however Bowman-Amuah does discloses documentation of the 
process (column 17 lines 64-67), wherein the process satisfies the requirements the requirements 
and the process are related matter. 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to document the requirements for the security component. One of ordinary skill in 
the art would have been motivated to do this because information that can later be used for 
testing wherein tests would be tailored to verify that the documented requirements have been 
satisfied. 

Bowman-Amuah does not expressly disclose the security subsystem that includes an 
audit subsystem, an integrity subsystem, and an information flow control subsystem. 

Alsberg discloses a protector device for enhancing security (abstract). The system 
includes an audit subsystem (column 6 lines 33-65), an integrity subsystem (column 7 lines 1- 
10), and an information flow control subsystem (column 8 lines 13-63). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to include audit subsystem, integrity subsystems, and information flow control 
subsystems as in Alsberg in the system of Bowman-Amuah. One of ordinary skill in the art 
would have been motivated to do this because auditing potentially sensitive material, integrity 
subsystems, and controlling the information flow would increase the security of the system. 

Bowman-Amuah discloses a system and method for building systems in a development 
architecture framework wherein security is integrated into the solution; however the security 

i 



i 
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framework of Bowman- Amuah does not disclose using a baseline of a security model 
comprising a plurality of interrelated and interdependent security subsystems. 

Perona discloses a system that performs rule checks in a two-way manner, restrictions 
such as licensing and source restrictions may be placed not only on system modules, but also on 
the applications using the security to be achieved (abstract). Therefore the modules of Perona 
use a baseline of a security model comprising a plurality of interrelated and interdependent 
security subsystems (column 4 lines 20-58 in combination of column Fig. 5). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to create a plurality of interconnected and interdependent security subsystems as in 
Perona in the system of Bowman- Amuah. One of ordinary skill in the art would have been 
motivated to do this because it would enable higher levels of security. 

In reference to claim 2, wherein the second system, which identifies security properties 
of the overall solution, includes a component that uses standard security subsystems for 
identifying security properties (column 49 line 66 to column 50 lines 53). ' 

In reference to claim 3 wherein the standard criteria for identifying security properties 
includes a system which maps functions of standard security subsystems to an ISO standard 
15408 also known as Common Criteria. 

Although Bowman- Amuah discloses the use of standards, Bowman- Amuah does not 
expressly disclose the use of industrial standards. ^ f 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use industrial standards. One of ordinary skill in the art would have been 

h 



Application/Control Number: 09/838,749 Page 7 

Art Unit: 2135 

motivated to do this because it would make the device compatible with other devices in the 
industry. 

In reference to claim 4, wherein the system further includes a system that documents the 
solution and the security assumptions using a solution design security methodology (column 2 
lines 30-43). 

In reference to claims 5 and 11-12, wherein the system further provides integrity 
assurance requirements using a standard set of criteria. 

Alsberg discloses the integrity subsystem providing integrity requirement (part 76 Fig. 5) 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to provide the integrity requirements as in Alsberg in the system of Bowman- 
Amuah. One of ordinary skill in the art would have been motivated to do this because the audit 
subsystem gives a view of the system which allows the system to be analyzed and changed to 
make it more secure. v 

In reference to claim 6 wherein the standard set of criteria are in accordance with ISO 

15408. 

f 

Although Bowman- Amuah discloses the use of standards, Bowman- Amuah does not 
expressly disclose the use of industrial standards. 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use industrial standards. One of ordinary skill in the art would have been 
motivated to do this because it would make the device compatible with other devices in the 
industry. 
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In reference to claim 10, wherein the method further includes the step of documenting the 
solution environment and security assumptions and using the environment and security 
assumptions in developing the security properties of the overall solution (column 17 lines 64-67). 

In reference to claim 13 wherein the step of determining the security properties of the 
overall solution includes the step of using the Common Criteria of ISO Standard 15408. 

Although Bowman- Amuah discloses the use of standards, Bowman- Amuah does not 
expressly disclose the use of industrial standards. 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use industrial standards. One of ordinary skill in the art would have been 
motivated to do this because it would make the device compatible with other devices in the 
industry. 

In reference to claims 14-15 wherein the step of using industry standard security criteria 
includes the step of using Common Criteria, which conforms to ISO Standard 15408. 

Although Bowman- Amuah discloses the use of standards, Bowman-Amuah does not 
expressly disclose the use of industrial standards. 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use industrial standards. One of ordinary skill in the art would have been 
motivated to do this because it would make the device compatible with other devices in the 
industry. 

In reference to claim 16, wherein the step of enumerating security requirements for 
infrastructure components and operations includes the step of identifying, enumerating and 
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describing a number of standard security subsystems that in total represent the security function 
of the solution (column 49 line 66 to column 50 lines 53). 

Claims 8-9 are rejected under 35 U.S.C. 103(a) as being unpatentable over Bowman- 
Amuah in view of Alsberg as applied to claim 7 above, and further in view of Leighton et al 
(5,519,778). 

In reference to claim 8, Bowman- Amuah does not disclose ranking the security threats to 
the solution and considering the biggest threats to the security. 

Leighton discloses categorizing (ranking) the security levels and therefore threats 
(column 6 lines 36-45). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to categorize the security levels as in Leighton in the system of Bowman- Amuah. 
One of ordinary skill in the art would have been motivated to do this because increasing security 
can reduce the performance of the system therefore by using less security for threats that are 
considered lower security increases in performance can be achieved. 

In reference to claim 9, Bowman- Amuah does not disclose the step of ranking the 
security threats to the solution includes the step of doing less for security threats not considered 
substantial threats to the solution, 

Leighton discloses a hierarchy of security protection and therefore grading security needs 
(column 6 lines 37-67) 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to categorize the security levels as in Leighton in the system of Bowman- Amuah. 



Application/Control Number: 09/838,749 Page 10 

Art Unit: 2135 

One of ordinary skill in the art would have been motivated to do this because increasing security 
can reduce the performance of the system therefore by using less security for threats that are 
considered lower security increases in performance can be achieved. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

Jablon 5,421,006 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paula W. Klimach whose telephone number is (571) 272-3854. 
The examiner can normally be reached on Mon to Thr 9:30 a.m to 5:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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The 2100 Tech center will move to Carlyle in October 2004. The new telephone number 
for the receptionist is (571) 272-2100. The examiner's new telephone number will be (571) 272- 
3854. 
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